package com.daiqee.controller;

import javax.servlet.http.HttpServletRequest;

import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;

import com.daiqee.controller.support.BaseController;
import com.daiqee.util.MD5Utils;
import com.daiqee.util.ValidateCodeUtils;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
/**
 * 账号登陆
 * 
 * <br/>
 * @since JDK 1.8
 * @version  V2.1
 * @author RichardTang 
 * @date: 2018年5月7日 下午5:54:04
 * @package com.daiqee.handler
 * @copyright:Copyright (c) 2018, 1245811923@qq.com All Rights Reserved.
 */
@Controller
public class LoginController extends BaseController{

	/**
	 * shiro校验方式登陆用户
	 * @param username
	 * 					用户名
	 * @param password
	 * 					密码
	 * @param request
	 * 					请求
	 * @return 跳转路径
	 */
	@RequestMapping(value="/login",method= {RequestMethod.POST,RequestMethod.GET})
	public String shiroLogin(String username,String password,String captcha){
		 //获取当前用户,判断是否登录
		Subject currentUser = SecurityUtils.getSubject();
		if(currentUser.isAuthenticated()) {
				//当前用户已经存在直接跳转到后台页面
				return "forward:/admin/index.jsp";
		}
		//当前用户没有登录,先获取session
		HttpSession currentSession = request.getSession();
		//从session中获取生成的验证码
		String cap = (String) currentSession.getAttribute("captcha");	
		if(username==null&&password==null&&captcha==null) {
			request.setAttribute("error", "请先完成登录!");
			return "forward:/login.jsp";
		}else if(username.isEmpty()||password.isEmpty()||captcha.isEmpty()) {
			request.setAttribute("error", "请填写登录信息!");
			return "forward:/login.jsp";
		}
		//转成大写
		captcha = captcha.toUpperCase();
		//判断验证码和输入的验证码是否相同
		if(!(cap.equals(captcha))) {
			request.setAttribute("error", "验证码输入错误!");
			return "forward:/login.jsp";
		}
		
		try{
			//获取当前登陆的对象
            Subject subject = SecurityUtils.getSubject(); 
            //判断该对象是否已经登陆了
            if (!subject.isAuthenticated()){
            	if(username.equals("")||password.equals("")) {
            		request.setAttribute("error", "账号或者密码不能为空");
            		return "forward:/login.jsp";  
            	}
            	//通过接收过来的账号和用户名进行令牌创建
            	UsernamePasswordToken token = new UsernamePasswordToken(username, MD5Utils.md5(password));  
            	//记住当前用户
                token.setRememberMe(true);  
                //使用shiro来验证
                subject.login(token);//验证角色和权限  
                //执行角色和权限授权操作
                subject.hasRole("研发部");
            } 
        }catch(Exception e){
            request.setAttribute("error", "账号或者密码错误");
        	return "forward:/login.jsp";
        }
	    return "forward:/admin/index.jsp";  
	 }
	
	/**
	 * 用户退出操作
	 * @return 跳转到登陆页面
	 */
	@RequestMapping(value="/logout",method=RequestMethod.GET)
	 public String logout(){
	    Subject subject = SecurityUtils.getSubject();
	    if (subject.isAuthenticated()) {
	    	subject.logout();
	    }
	    return "redirect:/login.jsp";
	 }
	  
	/**
	 * 验证码请求
	 * @param request
	 * 			请求
	 * @param response 
	 * 			响应
	 * @return void
	 */
	 @RequestMapping(value="captcha",method=RequestMethod.GET)
	 public void getCode(HttpServletRequest request, HttpServletResponse response){
	    ValidateCodeUtils code = new ValidateCodeUtils(100, 30, 4, 30, 25, "captcha");
	    code.getCode(request, response);
	 }
}
